When late last year Facebook changed its Statement of Rights and Responsibilities and Data Use Policy, the social network's users lost their right to vote on future proposed changes, but retained that of commenting on them when they are made public and influencing their final form.

At the time, Elliot Schrage, Facebook’s vice president of communications, public policy, and marketing, announced new ways to establish a "meaningful dialogue" between the company and the Facebook community, among which was also a new feature that would let users submit questions to Erin Egan, Facebook's Chief Privacy Officer of Policy.

The feature has finally been launched today (coincidence or not, today is also Data Privacy Day), and can be accessed here.

Users are urged to submit privacy-related questions to Egan by filling out an online form, and she will answer a few of them each month. She has started this month by answering some privacy questions she gets asked on a regular basis.

In one of the answers she pointed out a fact that not many people are aware of, and that's that Facebook has two Chief Privacy Officers. While Egan focuses on policy, her colleague Michael Richter focuses on product.

This division of responsibility seems to be reflected in the setup of the online form, as users with questions about a Facebook product are instructed to consult Facebook's Help Center.

Among the questions answered was also that of whether Facebook sells users' private information to advertisers.

"Facebook, like many companies on the web, is able to keep our service free by including advertisements. But we don’t make money by selling your private information to third parties. Instead, we support our service by showing you relevant ads that help you discover products and services that are interesting to you. We use the things you do and share on Facebook, including demographics, likes and interests to show ads that are more relevant to you," she pointed out, adding that the advertiser may only be shown aggregate statistics about who saw a particular ad, but not private information about those who did.

Spotlight

35 percent of employees would sell information on company patents, financial records and customer credit card details if the price was right. This illustrates the growing importance for organizations to deploy data loss prevention strategies.

Sun Tzu's writings have been studied throughout the ages by professional militaries and can used to not only answer the question of whether or not we are in a cyberwar, but how one can fight a cyber-battle.

Infosec consultant Paul Moore came up with a working solution to thwart a type of behavioral profiling. The result is a Chrome extension called Keyboard Privacy, which prevents profiling of users by the way they type by randomizing the rate at which characters reach the DOM.

There is still way too much apathy when it comes to data-centric security. Given the sensitive data the OPM was tasked with protecting, it should have had state-of-the-art data protection, but instead it has become the poster child for IT security neglect.